Gentoo: 200302-02 Urgent: Slocate Buffer Overflow Exploit Alert
gentoo
February 3, 2003
The overflow appears when the slocate is run with two parameters: -c and -r, using as arguments a 1024 bytes string.
Summary
- -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200302-02 - -------------------------------------------------------------------- DATE : 2003-02-02 13:36 UTC
- --------------------------------------------------------------------
From advisory:
"The overflow appears when the slocate is runned with two parameters: -c and -r, using as arguments a 1024 (or 10240, as Knight420 has informed us earlier) bytes string."
Read the full advisory at
SOLUTION
It is recommended that all Gentoo Linux users who are running sys-apps/slocate upgrade to slocate-2.7 as follows:
emerge sync emerge -u slocate emerge clean
- -------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at - --------------------------------------------------------------------
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
PACKAGE : slocate
SUMMARY : buffer overflow
EXPLOIT : local
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!